Network Security Research Based On Intrusion Detection

With the rapid development of computer and network technologies, networkinformation has become an important part of social development, involving thecountry’s government, military, economic and many other fields. Computer networkcomposed of the forms of diversity and openness of the network characteristics,resulting in these networks the information is vulnerable to a variety of human attacksfrom around the world. According to statistics, every20seconds worldwide hackerincidents, network security has become a worldwide can not be avoided and the urgentneed to address.Reinforcement of the traditional operating system technology and firewall isolationtechniques are static security and defense technology, which are mainly based onvarious forms of static prohibit policy, lack of active response to the rapid means ofattack in the network environment. Intrusion security to monitoring of intrusiondetection as a dynamic development in recent years, prevention or defense system, butalso the dynamic security is one of the most core technology, mainly through the state ofreal-time monitoring of network and system behavior and system usage. to theunauthorized use of behavior detection system user, system security and system externalintruders defects of the system intrusion attempt. Its irreplaceable position in anincreasingly complex network situation, and intrusion detection technology is becominga hot spot and an important direction of the current network security.Firstly, starting from the current network security situation, combined with the newchanges in the network security situation, come to the conclusion of the necessity of theintrusion detection system. And comprehensive overview of network security model,proposed in order to achieve the purpose of security, you need to establish a reasonablenetwork security model. Introduced common type of network intrusion and networksecurity technology, and thus leads to the intrusion detection system, and the concept ofintrusion detection systems, system architecture and test method described in detail. Onthis basis, the well-known open source intrusion detection system Snort, its functionalstructure, the rule tree, conducted in-depth analysis of workflow and source, and use therules of optimization techniques to improve Snort performance. Finally, a snort ofseveral commonly used pattern matching algorithms, including single-pattern matching,KMP algorithm and the BM algorithm, the WM of multi-pattern matching algorithm and AC algorithms, time complexity is analyzed, with emphasis on their matchingprocess studied. On this basis, improve the BM algorithm, use of j+m-bit unique, toimprove the efficiency of the algorithm, and concluded that the data experimentalcomparison. Summarize the problems of intrusion detection in endnote, the focus offuture work and outlook to these questions.